The Khronos Group - a non-profit industry consortium to develop, publish and promote open standard, royalty-free media authoring and acceleration standards for desktop and handheld devices, combined with conformance qualification programs for platform and device interoperability.

If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Content protection.

My question has already come up in the FAQ, but I found the answer pretty discouraging.

How do I protect my content from pirates?
The "modern" open-source-based answer to this is, of course, that you shouldn't: instead, you should architect your application or business so that the value is generated by the service you offer, not in the content delivered to the browser. However, in some cases that may well be unduly idealistic. Your best bet for under those circumstances is to look into JavaScript obfuscators.

It is more than unduly idealistic for the following reason. Many companies that build sophistocated web sites rely on content supplied by artists. In the 3d clip art world, most content has an attached license that prohibits it from being used if the data can be easily obtained (i.e. in JavaScript model form). Unless a company actually hires an artist to generate custom content that they own (an expensive prospect), they cannot use it on their site.

I am unfamiliar with JavaScript objuscators, but I have heard they are easily subverted. Is there any way to avoid this mess and load custom binary data using JavaScript?

Re: Content protection.

I totally agree that that paragraph is too weak. Firstly, I should imagine that the vast majority of WebGL based applications will execute largely, or entirely on the client. If I code up a fun little 3D arcade-style game, clearly I don't need to write any server side code. At the same time, I don't want my game to be referenced from another site, or simply ripped and hosted somewhere else. Furthermore, I don't want my game to be 'modded' freely - modify the textures and, 'hey, I have a brand new 'original' game!!'

I'm all for open source, but what's the point in building technology if it can be trivially duplicated or reverse engineered? Obfuscation simply doesn't cut it. Although I haven't done it, I'm having a hard time believing you can't reformat and deduce the 'meaning' of the original Javascript if you have a little time on your hands.

I take your point about the protection of 3D model data. I'm not a Javascript guru, but presumably there is a way to encrypt datafiles? At least in a way that is more robust that code obfuscation!

Re: Content protection.

Content protection doesn't marry well to the web world. The platform is open and even if content protection where to be written into browsers, what would be the point?! The standard would have to be open so ANYONE can retrieve the data. Plus, many browsers are open source so getting at the data would just require minor patches.

I think the key here is that the value will be in the system as a whole and not the content. I doubt very much that a purely client side arcade-style game would be all that popular on the web. The web allows for much richer uses, integration with services like tiwtter/facebook and multiplayer will probably become the expected norm. At that point the content starts to play second fiddle to the delivery systems. I bet any money that content producers will rapidly catch up and get rid of the restrictions that stop there content being distributed, else I'm sure a service will pop up to fill the hole.

Plus, this isn't like distributing music or movies. I'm yet to see a commercially successful game cobbled together from assets that someone has managed to rip off from other games Even then getting past obfuscation and learning the code would probably be far more time consuming, guessing what variable do what, etc..it's just easier to rewrite.

Re: Content protection.

I'm all for open source. But we do live in a capitalistic society, and greedy people will be people, so here's a solution: do exactly what people who want to sell images do, but in 3D.

You combine (mesh union) your model with a 3D watermark (say, a logo). It's almost impossible to reverse-engineer since the original model and the watermark will be a single 3d mesh now. Randomly varying the position of the watermark can add extra protection.

I sure hope this doesn't become the norm. Closed-source is often closed-minded.

Re: Content protection.

Why is that? I'm not aware of any rulebook that says data has to be of any particular format.

You combine (mesh union) your model with a 3D watermark (say, a logo).

This misses the point, since what I'm talking about is the licensing of that work by third parties that want to use it without a watermark.

I think the key here is that the value will be in the system as a whole and not the content...I bet any money that content producers will rapidly catch up and get rid of the restrictions that stop there content being distributed, else I'm sure a service will pop up to fill the hole.

Sure, at great expense to the artists!

I'm all for open formats and even open source, to a degree. But artists and programmers have a right to be compensated for their efforts. Personally, I'm more concerned about the JavaScript/WebGL marriage than I am about the content. I am interested in porting my OpenGL engine to WebGL and I'm not sure obfuscation will be enough to prevent theft. I realize that the nature of the internet makes it impossible to protect anything 100%, but I must object to the ease with which anyone can get access to the source - just right-click and there it is!

Re: Content protection.

With regard to open standards, if open source browsers exist what sort of protection do you suppose a browser will be able to provide? If I want you put in a restriction what's to stop someone else taking it out?

Obfuscation is not at all easy to get around, you loose all context so there is often little point in even trying to figure it out. Let's put it this way, the following function:
var BOB=function(t,o0,o1,o2,t0,t1,t2){var d00=t.v00-o0;var d01=t.v01-o1;var d02=t.v02-o2;if(d00*t0+d01*t1+d02*t2>0){var d10=t.v10-o0;var d11=t.v11-o1;var d12=t.v12-o2;var d20=t.v20-o0;var d21=t.v21-o1;var d22=t.v22-o2;var e00=d01*d12-d02*d11;var e01=d02*d10-d00*d12;var e02=d00*d11-d01*d10;var e10=d11*d22-d12*d21;var e11=d12*d20-d10*d22;var e12=d10*d21-d11*d20;var l1=e00*t0+e01*t1+e02*t2;var l2=e10*t0+e11*t1+e12*t2;if(l1*l2>=0){var e20=d21*d02-d22*d01;var e21=d22*d00-d20*d02;var e22=d20*d01-d21*d00;var l3=e20*t0+e21*t1+e22*t2;if(l2*l3>=0){var n0=t.n0;var n1=t.n1;var n2=t.n2;var d1=o0*n0-o1*n1-o2*n2+tri.d;var d2=d1/(t0*n0+t1*n1+t2*n2);return {P:[o0+t0*d2,o1+t1*d2,o2+t2*d2],N:[t.n0,t.n1,t.n2]};}}}return false;}

Do you have any idea what it does? Personally I wouldn't bother trying to find out. It would probably take at least an hour or two for something that might be garbage when you find out. Plus, chances are it can only by gleaned by someone with considerable JS experience and at least have some clue as to the context. Where as that same person could probably write a function to do the same thing in maybe half hour.

I admit it might be easier to get round simpler code(but even then probably not worth the effort). But, if you're planing on doing a game engine it's complexity should make it very unpalatable for someone trying and get past the obfuscation.

Re: Content protection.

The obfuscation I've seen thus far isn't quite that good, but I agree it's not something I would personally bother trying to reverse engineer. 'Seems there are some people out there with a lot of time on their hands, though. That was a good point regarding open source browsers. I'll stop whining now and get back to coding.

Re: Content protection.

Not sure why content protection was even brought up in this FAQ --- total non-issue.

For 30 years, video game companies have shipped artwork with their games and copyright has been a sufficient tool to protect their rights.

Technical content protection techniques have never worked, because at the end of the day you still have to deliver the graphics to the user. For 2d/video, they tried it with HDMI, and it failed (http://en.wikipedia.org/wiki/High-bandw ... ey_release). There just are too many levels at which content can be intercepted --- even for 3D graphics where the raw texture/model data can't just be intercepted as 2D graphics can, one can still easily run the app against fake D3D/GL libs, or fake drivers, or just run it in a debugger, and get the data.

Re: Content protection.

Just want to clarify that this isn't specific to WebGL or to the browser, in particular doesn't rely on browsers being open-source as was mentioned above in this thread, the same applies to any software.